OpenID-Connect-PHP
OpenID-Connect-PHP copied to clipboard
jumbojett
Minimalist OpenID Connect client
According to the OIDC spec [5.3.2. Successful Userinfo Response](https://openid.net/specs/openid-connect-core-1_0.html#UserInfoResponse) we need to be sure of the following: > The sub (subject) Claim MUST always be returned in the UserInfo Response....
Resolves issue #403. **List of common tasks a pull request require complete** - [x] Changelog entry is added or the pull request don't alter library's functionality
The `refreshToken()` method in `OpenIDConnectClient` doesn't seem to allow for the setting of the `id_token` if it is present in the response payload. The OpenID Connect spec suggests that the...
**List of common tasks a pull request require complete** - [x] Changelog entry is added or the pull request don't alter library's functionality
**List of common tasks a pull request require complete** - [x] Changelog entry is added or the pull request don't alter library's functionality
Hi, in a client credentials flow the scope parameter is optional and the current implementation send the parameter anyway: ```php public function requestClientCredentialsToken() { $token_endpoint = $this->getProviderConfigValue('token_endpoint'); $headers = [];...
I have used your library for my Joomla SSO authentication. Hovewer, on signout with this library as below, signout is triggered successfully but for some reason am not logged out....
Hi This part has a bug ``` public function requestUserInfo($attribute = null) { $user_info_endpoint = $this->getProviderConfigValue('userinfo_endpoint'); $schema = 'openid'; $user_info_endpoint .= '?schema=' . $schema; //The accessToken has to be sent...
…ying JWT claims Microsoft uses multi tenancy for oidc at https://login.microsoftonline.com/organizations/v2.0/.well-known/openid-configuration. The well-known issuer is given as "https://login.microsoftonline.com/{tenantid}/v2.0" and therefore issuer validation fails. I am checking for this "{tenantid}" in...
…ib before 2.0.31 and 3.x before 3.0.7 mishandles RSA PKCS#1 v1.5 signature verification **List of common tasks a pull request require complete** - [ ] Changelog entry is added or...
